Avoiding an expensive data leak

The new General Data Protection Regulations (GDPR) in the EU highlight the responsibilities all organisations have to protect customer data. In the EU, penalties for leakage of personal data are increasing a hundredfold and other jurisdictions are likely to follow suit.

The printed document is the oldest source of data leaks, and protection of printed output remains an important issue to this day. The first line of defence is to prevent unwanted copies of a document being printed and PaperCut MF’s find-me printing does that very well. But once printed, a paper document left behind in the cafe or on a train seat is typically anonymous, making it impossible to determine when and by whom it was printed. PaperCut NG and MF also provide innovative solutions to this problem – but more about that later.

At PaperCut, we’ve been tackling print security for a long time. Our original hackers were armies of school and university students looking for a way to get a free print or copy. And you wouldn’t believe the things that a motivated student will try!

Behind the scenes at PaperCut, we have been making changes to better equip ourselves for a security conscious world. Recently we established our own Security Response Team (SRT), which formally brings together our company’s top security talent to raise the bar on how we do security. The responsibilities of the SRT include giving the existing application and all new features a thorough security review. When customers report a potential security issue, the SRT is standing by – ready to investigate and quickly fix any nasty reported vulnerabilities.

In more recent years, PaperCut NG and MF are regularly subjected to customer sponsored penetration tests that pound the software from all angles looking for vulnerabilities. If you do run a penetration test and find something – please report it to us through customer support and they will pass it on to the SRT.

Unfortunately, no amount of pen testing will stop a careless employee leaving a sensitive document behind on the train seat. A purely digital solution won’t work in this case. What we need is a way to strongly influence user behavior.

Perhaps a confidential document policy and user education will do the trick? That could be part of a solution, but in practice, policies are not sufficient on their own. But a clear policy coupled with security features in PaperCut NG and MF make for a very strong combination.

Way back in 2010 (release 10.5), we introduced the ability to add a watermark to every printed page. This watermark may contain the user name and date of printing – or even more powerful – a digital signature. A digital signature can be used to uniquely trace any printed page to the exact entry in the job log for that printed document, giving the time of printing, the printer used and the person who printed the document. This sends a powerful message to users that they remain accountable for every page they print.

Perhaps PaperCut was ahead of its time, because for a number of years watermarking has been considered a minor feature – almost forgotten. But In 2017 its time has come. To celebrate, we’ve made it more powerful by adding full page watermarking. This feature, was for us a cool technical challenge to implement and for you, ensures that the watermark cannot be intentionally clipped off the page. Of course you don’t want the full page watermark on every printed document, so it’s good to know you can automatically turn on and off a watermark using a print script to set the watermark text.

There is plenty more to say in the realm of print security, as there are security questions to answer right from the time a user presses Ctrl-P to toner being laid down on the paper and beyond. To help people answer these questions, we recently put out a whitepaper covering end-to-end print security best practices. If print security is your concern, please check it out here – “Securing your Print System”.

About The Author:

Geoff Smith leads the development and product teams at PaperCut Software. He came to PaperCut four years ago after holding roles as software developer architect and project manager at HP and Agilent Technologies. Geoff is a member of PaperCut’s Leadership Team and has overseen the rapid growth in our development capability. Outside PaperCut, Geoff is a keen dinghy sailor and likes to spend his Saturday afternoons at the helm of a small boat.